Whitey
06-22-2007, 10:54 PM   #1
PS2 Hacking: Address Loading

Address loading

--------------------------------------------------------------------------------

Well, this is all quite simple to advanced hackers, but it's surprising how many people DO NOT know this and have been hacking for quite some time!

Well, address loading is one of the most important things in MIPS. It is used in custom controller hooks, saving data, loading data, jumping to registers (jalr), and as you should already know, most of these are seen everywhere in the PS2 Dis!

SECTIONS
Main Commands
How to use them
OTHER

COMMANDS
The basic commands used are:

Load Upper Immediate (LUI)
Or Immediate (ORI)

HOW TO USE THEM
Examples are the best way to explain this, so I'll use a few:

Examples
1) We want to load an address to store the byte '1' at 00704528, then store it 24 addresses above it, then load the first one.
Commands:
1--lui a1, $0070           # a1 = 00700000
2--ori a1, a1, $4528       # a1 = 00704528
3--addiu v0, zero, $0001   # v0 = 1
4--sb v0, $0000(a1)        # byte at 00704528 = 1
5--sb v0, $0024(a1)        # byte at 00704528 + $24 = 0070454C
6--lb v1, $0000(a1)        # v1 = byte at 00704528

As you can see, I've highlighted the important areas of this example.
Explanation:
line 1 - The Load Upper Immediate command does exactly what it says: it loads the immediate value (the 4 digits preceding the command, 0070, which are the first 4 digits of the address we want to store to) into the upper half of register a1, so a1 will now = 00700000.

line 2 - To complete our address we use the Or Immediate command, which is the same as an LUI but it loads the last 4 immediate digits. *Note I added to a1 and not zero*, so now a1 will = 00704528, which is the address we wanted!

line 3 - This line is setting the byte I want to store at our loaded address in a1, which is 1.

line 4 - This is storing the byte. *Note I didn't store a word etc. because it is too long for this; a byte is only 2 digits long.* So the syntax to store at our address is

SB R1, $0000(R2)

where R1 is what we want to store and R2 is the register that we put the address we want to store to in. For now we will not worry about what the $0000 is; I'll explain it better in the next line.

line 5 - This is where I want to store our '1' 24 addresses down from 00704528. This is called the OFFSET. So now the proper syntax is

SB R1, $oooo(R2)

where R1 is what we want to store, R2 is the register that we put the address we want to store to in, and oooo is the offset.

So now, instead of having to do another ORI A1, A1, $454C to store it 24 addresses down, we can just put $0024(a1) as the offset!

Sub example
offset $0000(R2) stores it at the exact address you loaded
offset $0004(R2) stores it 4 addresses down from the address you loaded, so if you loaded 00100000 it would store it at 00100004
ETC


line 6 - This just loads the byte we stored at the original a1.

OTHER
This can be especially useful for the jump to register command, where maybe on one condition an address 00501234 (which will be a function) is stored at an offset 00500000, or on the other condition it stores 00501400 (which is another function). Then in a sub it loads the offset 00500000, gets the address out of it and then uses JALR R1, where R1 is the register the address was loaded into. So e.g. (I'll cut out parts):

lui s0, $0050               # s0 = 00500000 (where the chosen address is kept)
ori s1, s0, $4444           # s1 = 00504444 (where the condition value lives)
ori v1, s0, $1234           # v1 = 00501234 (first function)
ori v0, s0, $1400           # v0 = 00501400 (second function)
lw a0, $0000(s1)            # a0 = condition value
addiu a1, zero, $0001       # a1 = 1
beq a0, a1, store_second    # (6 lines down)
nop                         # branch delay slot
sw v1, $0000(s0)            # condition != 1: store the first address at 00500000
beq zero, zero, done        # (past the next sw)
nop                         # branch delay slot
store_second:
sw v0, $0000(s0)            # condition == 1: store the second address at 00500000
done:
jr ra
nop                         # jump delay slot

next sub
lui s0, $0050               # s0 = 00500000
lw a0, $0000(s0)            # a0 = whichever function address was stored
jalr a0                     # call it
nop                         # jump delay slot

So in that case I'm using multiple ORIs with the one LUI! This is because I'm always adding to the same register I used in the ori (s0) but placing the output into a different register than s0.

So the first ORI is just a place to load for a condition,
the 2nd ORI loads the first address it might store,
the 3rd ORI loads the 2nd address it might store.

The load word loads the value for the condition.
The addiu sets a0 to 1 so it can compare the loaded value to 1.
The beq determines what to store: if a0 was equal to 1 then it will store the 2nd address (v0); if it's not, it will store the first address, then jump past storing the 2nd address.

The jr ra finishes that sub.

next

The lui loads 00500000 into s0 (where we stored our different address),
then the lw loads the value there,
and the jalr jumps to the value held in a0.



Not my best tut, written a long time ago. Hope you enjoyed!

Credit: cYs Driver
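The following is an added example and is not code from the original post: a tiny interpreter for just the MIPS instructions the post's first example uses (lui, ori, addiu, sb, lb), run over that example so the address built by lui/ori and the effect of the $oooo(reg) offset can be checked. It also shows two things the post leaves implicit: the offset is hexadecimal ($0024 is 36 bytes, not 24), and offsets and addiu immediates are sign-extended, so $8000..$FFFF reach backwards from the base register. The 64 KiB memory window mapped at 00700000, the little-endian byte order and the register numbering (a1 = $5 etc.) are assumptions made here, not something the post states.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not code from the original post. Memory is a 64 KiB window
 * mapped at WINDOW_BASE so the post's address 00704528 can be used as-is;
 * the window size and little-endian byte order are assumptions. */
#define WINDOW_BASE 0x00700000u
#define WINDOW_SIZE 0x10000u

enum { ZERO = 0, V0 = 2, V1 = 3, A0 = 4, A1 = 5 }; /* usual MIPS register numbers */
enum Op { LUI, ORI, ADDIU, SB, LB };

/* rt: destination/data register, rs: source/base register,
 * imm: the 16-bit immediate exactly as written after the '$' in the post. */
struct Insn { enum Op op; int rt, rs; uint16_t imm; };
struct Cpu { uint32_t r[32]; uint8_t mem[WINDOW_SIZE]; };

static struct Cpu cpu;

/* Load/store offsets (and addiu immediates) are sign-extended 16-bit values. */
uint32_t effective_address(uint32_t base, uint16_t offset)
{
    return base + (uint32_t)(int32_t)(int16_t)offset;
}

static uint8_t *mem_ptr(uint32_t addr)
{
    uint32_t off = addr - WINDOW_BASE;
    if (off >= WINDOW_SIZE) {
        fprintf(stderr, "address %08x is outside the mapped window\n", addr);
        exit(1);
    }
    return &cpu.mem[off];
}

static void step(const struct Insn *i)
{
    uint32_t ea;
    switch (i->op) {
    case LUI:   cpu.r[i->rt] = (uint32_t)i->imm << 16; break;           /* upper half only, lower half cleared */
    case ORI:   cpu.r[i->rt] = cpu.r[i->rs] | i->imm; break;            /* immediate is zero-extended */
    case ADDIU: cpu.r[i->rt] = cpu.r[i->rs] + (uint32_t)(int32_t)(int16_t)i->imm; break;
    case SB:    ea = effective_address(cpu.r[i->rs], i->imm);
                *mem_ptr(ea) = (uint8_t)cpu.r[i->rt]; break;            /* low 8 bits of rt */
    case LB:    ea = effective_address(cpu.r[i->rs], i->imm);
                cpu.r[i->rt] = (uint32_t)(int32_t)(int8_t)*mem_ptr(ea); break; /* sign-extended byte */
    }
    cpu.r[ZERO] = 0; /* $zero is hardwired to 0 */
}

/* The post's first example, line for line. Returns the address built in a1. */
uint32_t run_example1(void)
{
    static const struct Insn prog[] = {
        { LUI,   A1, ZERO, 0x0070 }, /* 1--lui a1, $0070         */
        { ORI,   A1, A1,   0x4528 }, /* 2--ori a1, a1, $4528     */
        { ADDIU, V0, ZERO, 0x0001 }, /* 3--addiu v0, zero, $0001 */
        { SB,    V0, A1,   0x0000 }, /* 4--sb v0, $0000(a1)      */
        { SB,    V0, A1,   0x0024 }, /* 5--sb v0, $0024(a1)      */
        { LB,    V1, A1,   0x0000 }, /* 6--lb v1, $0000(a1)      */
    };
    memset(&cpu, 0, sizeof cpu);
    for (size_t n = 0; n < sizeof prog / sizeof prog[0]; n++)
        step(&prog[n]);
    return cpu.r[A1];
}

uint32_t reg(int n)          { return cpu.r[n]; }
int      mem_byte(uint32_t a) { return *mem_ptr(a); }

int main(void)
{
    uint32_t a1 = run_example1();
    uint32_t second = effective_address(a1, 0x0024);
    printf("a1 = %08x\n", a1);
    printf("byte at %08x = %d\n", a1, mem_byte(a1));
    printf("byte at %08x = %d  ($0024 is hex: 36 bytes past a1)\n", second, mem_byte(second));
    printf("v1 = %u\n", reg(V1));
    printf("$FFFC(a1) -> %08x, $8000(00700000) -> %08x\n",
           effective_address(a1, 0xFFFC), effective_address(0x00700000u, 0x8000));
    return 0;
}
```

Running it shows the 1 landing at 00704528 and 0070454C, nothing at 00704540 (which is where a decimal reading of "24" would put it), and the two negative offsets wrapping backwards, which is the trap to keep in mind when an offset in the PS2 Dis starts with 8-F.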
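A second added example, again not code from the original post: the post shows lui/ori as assembler text, but when you patch a PS2 binary or write a code you need the raw 32-bit instruction words. This block encodes any 32-bit address into the lui/ori pair the post describes and decodes such a pair back to the address, using the standard MIPS I-type layout (opcode:6 | rs:5 | rt:5 | imm:16, with lui = 0x0F, ori = 0x0D, addiu = 0x09). It also shows the lui/addiu form that compilers commonly emit, where a set bit 15 in the low half forces the upper half up by one because addiu sign-extends. The register numbering (a1 = $5, s0 = $16) follows the usual MIPS ABI; nothing here is taken from the post beyond the 00704528 address and the one-lui/many-ori pattern.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not code from the original post: machine encoding of the
 * lui/ori (and lui/addiu) address-loading pairs. */
#define OP_LUI   0x0Fu
#define OP_ORI   0x0Du
#define OP_ADDIU 0x09u

struct Pair { uint32_t first, second; };

/* I-type word: opcode:6 | rs:5 | rt:5 | imm:16 */
static uint32_t itype(uint32_t op, uint32_t rs, uint32_t rt, uint32_t imm16)
{
    return (op << 26) | ((rs & 0x1Fu) << 21) | ((rt & 0x1Fu) << 16) | (imm16 & 0xFFFFu);
}

/* lui rt, hi ; ori rt, rt, lo -- ori zero-extends, so hi is just the top half. */
struct Pair encode_lui_ori(uint32_t addr, unsigned rt)
{
    struct Pair p;
    p.first  = itype(OP_LUI, 0, rt, addr >> 16);
    p.second = itype(OP_ORI, rt, rt, addr & 0xFFFFu);
    return p;
}

/* lui rt, hi ; addiu rt, rt, lo -- addiu sign-extends lo, so if bit 15 of lo
 * is set the upper half must be one higher to compensate. Easy to miss when
 * reading a disassembly: lui $0051 / addiu $8000 loads 00508000, not 00518000. */
struct Pair encode_lui_addiu(uint32_t addr, unsigned rt)
{
    uint32_t lo = addr & 0xFFFFu;
    uint32_t hi = (addr >> 16) + ((lo & 0x8000u) ? 1u : 0u); /* may wrap past 0xFFFF; itype masks it */
    struct Pair p;
    p.first  = itype(OP_LUI, 0, rt, hi);
    p.second = itype(OP_ADDIU, rt, rt, lo);
    return p;
}

/* Recover the address a lui followed by ori/addiu loads. The second word only
 * has to use the lui's register as its source (the post's "multiple ori with
 * one lui" pattern), so its destination may differ. Returns 0 and sets *ok to 0
 * (if ok is non-NULL) when the words are not such a pair. */
uint32_t decode_pair(struct Pair p, int *ok)
{
    uint32_t op1 = p.first >> 26, op2 = p.second >> 26;
    uint32_t rt1 = (p.first >> 16) & 0x1Fu;
    uint32_t rs2 = (p.second >> 21) & 0x1Fu;
    uint32_t upper = (p.first & 0xFFFFu) << 16;
    uint32_t imm = p.second & 0xFFFFu;
    int good = 0;
    uint32_t addr = 0;

    if (op1 == OP_LUI && rt1 == rs2) {
        if (op2 == OP_ORI)        { good = 1; addr = upper | imm; }
        else if (op2 == OP_ADDIU) { good = 1; addr = upper + (uint32_t)(int32_t)(int16_t)imm; }
    }
    if (ok) *ok = good;
    return addr;
}

/* 1 if both encodings of addr decode back to addr. */
int roundtrips(uint32_t addr)
{
    int ok1, ok2;
    uint32_t a = decode_pair(encode_lui_ori(addr, 5), &ok1);
    uint32_t b = decode_pair(encode_lui_addiu(addr, 5), &ok2);
    return ok1 && ok2 && a == addr && b == addr;
}

int main(void)
{
    struct Pair o = encode_lui_ori(0x00704528u, 5);    /* lui a1,$0070 ; ori a1,a1,$4528 */
    struct Pair a = encode_lui_addiu(0x00508000u, 16); /* lui s0,$0051 ; addiu s0,s0,$8000 */
    printf("lui/ori   00704528 -> %08x %08x -> %08x\n", o.first, o.second, decode_pair(o, NULL));
    printf("lui/addiu 00508000 -> %08x %08x -> %08x\n", a.first, a.second, decode_pair(a, NULL));
    printf("roundtrip FFFF8000: %d\n", roundtrips(0xFFFF8000u));
    return 0;
}
```

The 0xFFFF8000 case exercises the carry wrapping the upper half to 0x0000 and still decoding correctly; the decoder rejects anything whose first word is not a lui or whose second word does not read the lui's register, which is the check to apply before trusting a "loaded address" pulled out of a disassembly.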